FCA: Discussion Paper on distributed ledger technology

The FCA has published discussion paper DP 17/3 on distributed ledger technology (DLT).  DLT is another name for blockchain technology and is developing rapidly.  For an overview of blockchain/DLT and how it works, please see our Blockchain 101 guide.

The release of the discussion paper coincided with the publication of a speech by Christopher Woolard, Executive Director of Strategy and Competition at the FCA, which stressed the need for effective regulation and building a common understanding of the principles of good innovation.  The FCA is engaging with overseas regulators and standard setting bodies in relation to DLT, including ESMA, IOSCO and the FSB as the FCA considers cross-border applications of DLT need collaboration between regulators. ESMA published its own report on DLT in February 2017.

DLT also featured heavily in speeches by Mark Carney, Governor of the Bank of England, and the Chancellor, the Rt Hon Phillip Hammond MP, at the International FinTech Conference in London last week.  It is clear that firms and regulators are taking this potentially revolutionary technology seriously and it is only a matter of time before we see larger scale adopt of DLT in financial services.

Why has the FCA published the discussion paper?

The move follows a number of FCA initiatives designed to support competition and innovation, such as Project Innovate and the FCA's Innovation Hub. The Regulatory Sandbox, which forms part of Project Innovate, also aims to assist businesses to test products and services and a number of cases involving DLT are cited in the discussion paper.

The discussion paper is intended to generate debate around the future development of DLT and provides an overview of the FCA's initial thoughts on DLT. The FCA acknowledges that DLT offers "exciting potential to support the needs of consumers and the market", but that it also poses risks and new challenges.
At this stage, the FCA is chiefly concerned with whether its traditionally technology neutral stance is appropriate for DLT. The FCA comments that the potential for DLT to promote competition needs to be balanced against the FCA's statutory objectives of consumer protection and market integrity.

The discussion paper considers aspects of DLT, such as governance and technology resilience, and looks at the current regulatory context. It cites examples of the use of DLT, such as smart contracts in the payments industry and insurance, as well as the use of DLT-based solutions in securities settlement and know your customer and anti-money laundering processes.

DLT: risks and opportunities

Technology resilience

The FCA refers to the impact of system outages on consumer access to financial services and to the orderly functioning of markets. It notes the requirements for regulated firms in terms of ensuring that overall IT and cyber arrangements are proportionate to the nature, scale and complexity of their business, adding that DLT must provide a more resilient system than is currently available if it is to help the FCA deliver its statutory objectives.

Allocation of responsibilities & SMCR

The FCA comments that, as DLT is a shared system, firms will need to be especially mindful of allocating responsibilities appropriately given the absence of a central point of authority. It refers to the individual responsibilities set out in the Senior Managers and Certification Regime.

Third parties and outsourcing requirements

The discussion paper considers the implications of regulated firms relying on third parties (such as core developer groups of public, permissionless networks) to deliver DLT-based solutions. It considers how they can demonstrate appropriate outsourcing so as to fulfil firms' regulatory obligations around having appropriate systems, governance and controls.

Operational risks

The discussion paper refers to possible operational risks in relation to the implementation of DLT systems, particularly where a DLT system differs significantly from an existing system. The discussion paper also refers to cyber resilience and how DLT networks can protect themselves against attempts to break DLT network security. The FCA states that DLT networks will need to establish mechanisms to ensure appropriate levels of encryption are maintained (including responsibilities for key storage, availability and integrity). However, the paper notes the technology resilience advantages of DLT over other types of systems.

DLT, distributed data and InsurTech

The discussion paper looks at the possible uses of DLT for data sharing in financial services as it argues that efficient information sharing is an attractive aspect of DLT. It argues that DLT data-sharing capabilities would be appreciated in the reinsurance market, where multiple reinsurers need to underwrite each reinsurance treaty. It also suggests DLT could enable automated claims settlement through smart contracts. The paper also notes that DLT could, in the future, support new forms of risk transformation and significant changes in the reinsurance market. FCA believes that this can benefit consumers and increase competition.

Regulatory reporting

The FCA comments that it is currently researching the use of DLT to satisfy regulatory reporting requirements. It notes that a DLT solution to regulatory reporting would carry benefits and challenges such as managing the interface between a "front office system", which accepts orders, and a DLT regulatory reporting system.

DLT networks of regulated firms

The FCA observes an increase in collaboration and use of shared networks between market participants since the arrival of DLT. It notes the potential benefits of collaboration in AML checking and due diligence and argues that DLT could aid compliance with financial crime rules by replacing paper trails with auditable digital trails. The FCA states that the biggest obstacle would be that the solution would require network adoption by a number of firms to be effective. It notes that firms have historically been unwilling to outsource AML responsibilities.

Smart contracts

The paper notes the potential benefits that DLT can offer in aggregating and verifying data from a variety of sources, thereby saving costs and reducing the likelihood of discrepancies. It cites examples in the insurance subscription market, adding that greater trust might be placed in the system were, for example, subscription contracts transacted using DLT. The FCA refers to a business model it came across as part of the Regulatory Sandbox where smart contracts where used to aid charitable donations. The discussion paper cites DLT’s ability to give different permissions to various parties in a secure way as key aspect in the success of this case. The discussion paper argues that the ability for a smart contract to be negotiated and later fulfilled using DLT has clear applicability for the insurance industry.

Digital currencies

The discussion paper refers to concerns raised in relation to digital currencies, citing a warning issued by the European Banking Authority and the 2014 Government review. The discussion paper refers to the proposal to apply anti-money laundering obligations to firms operating as digital currency platforms or as custodian wallet providers for digital currencies that were introduced as part of the update to the Fourth Money Laundering Directive (published in July 2016).

DLT's compatibility with existing regulatory framework

The FCA notes that the current regulatory framework may favour certain technology types and business models other than DLT and that it has engaged with firms for clarification on a number of issues:

• Allocation of responsibilities. The FCA contrasts centralised systems, such as stock market trading, where there is a "clear nexus of control", with that of a trustless DLT network (which might not have central point of control with a regulatory nexus). It seeks respondents' views on the allocation of responsibilities in fully decentralised organisations. It also questions the potential governance arrangements that firms have in place when using applications on a public, permissioned network.
• Digital asset trading. The FCA states that initial feedback from firms via the Regulatory Sandbox suggest that firms are keen to use DLT to underpin trading in assets. The FCA comments that this might impact its market integrity objective and it will be keeping a close watch in this area.
• Collateral management. FCA notes proposals by some firms to use smart contracts to reduce prudential requirements via automating the calculation and exchange of collateral.

• Data protection. The FCA refers to firms' obligations under the Data Protection Act 1998 and guidance published by the Information Commissioner's Office (e.g. on the right to be forgotten) and how this might be potentially compromised by DLT. Although not cited by the FCA, we would note that firms' enhanced obligations under the General Data Protection Regulation (due to come into force in May next year) will also be key considerations for users of DLT.

The closing date for comments is 17 July 2017. The FCA will decide whether to publish a consultation paper or a summary of responses. It hopes to learn more from its Regulatory Sandbox and is planning a series of events, roundtables and bilateral discussions to engage with the industry on the subject of DLT.